use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultAccRoleAccountService method delete.
@Override
@Transactional
public void delete(AccRoleAccountDto entity, boolean deleteTargetAccount, BasePermission... permission) {
Assert.notNull(entity, "Entity is required.");
super.delete(entity, permission);
UUID account = entity.getAccount();
// We check if exists another (ownership) identityAccounts, if not
// then
// we will delete account
AccRoleAccountFilter filter = new AccRoleAccountFilter();
filter.setAccountId(account);
filter.setOwnership(Boolean.TRUE);
List<AccRoleAccountDto> entityAccounts = this.find(filter, null).getContent();
boolean moreEntityAccounts = entityAccounts.stream().filter(treeAccount -> {
return treeAccount.isOwnership() && !treeAccount.equals(entity);
}).findAny().isPresent();
if (!moreEntityAccounts && entity.isOwnership()) {
// We delete all tree accounts first
entityAccounts.forEach(identityAccount -> {
super.delete(identityAccount);
});
// Finally we can delete account
accountService.publish(new AccountEvent(AccountEventType.DELETE, accountService.get(account), ImmutableMap.of(AccAccountService.DELETE_TARGET_ACCOUNT_PROPERTY, deleteTargetAccount, AccAccountService.ENTITY_ID_PROPERTY, entity.getEntity())));
}
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncRolesCatalogueRemoveUnderMain.
@Test
public void testSyncRolesCatalogueRemoveUnderMain() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID roleSystemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(roleSystemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(roleSystemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(roleSystemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Use ACC script "resolveRoleCatalogueUnderMainCatalogue".
IdmScriptFilter scriptFilter = new IdmScriptFilter();
scriptFilter.setCode("resolveRoleCatalogueUnderMainCatalogue");
scriptFilter.setCategory(IdmScriptCategory.TRANSFORM_FROM);
String catalogTransformationScript = null;
IdmScriptDto scriptDto = scriptService.find(scriptFilter, null).getContent().stream().findFirst().orElse(null);
if (scriptDto != null) {
catalogTransformationScript = this.getPluginExecutors().getPluginFor(IdmScriptCategory.TRANSFORM_FROM).generateTemplate(scriptDto);
}
Assert.assertNotNull(catalogTransformationScript);
// Create mapping attribute for get catalog.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_CATALOGUE_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setTransformFromResourceScript(catalogTransformationScript);
roleIdAttribute.setName(helper.createName());
roleIdAttribute = attributeMappingService.save(roleIdAttribute);
IdmRoleCatalogueDto parentRoleCatalogue = getHelper().createRoleCatalogue();
IdmRoleCatalogueDto mainRoleCatalogue = getHelper().createRoleCatalogue(getHelper().createName(), parentRoleCatalogue.getId());
// Enable assign of role catalogue.
roleConfigDto.setAssignCatalogueSwitch(true);
roleConfigDto.setRemoveCatalogueRoleSwitch(false);
roleConfigDto.setMainCatalogueRoleNode(mainRoleCatalogue.getId());
roleConfigDto.setRemoveCatalogueRoleParentNode(mainRoleCatalogue.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
//
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
UUID roleId = roleAccountDto.getRole();
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
List<IdmRoleCatalogueRoleDto> roleCatalogueRoleDtos = roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).getContent();
Assert.assertEquals(1, roleCatalogueRoleDtos.size());
Assert.assertEquals(mainRoleCatalogue.getId(), roleCatalogueRoleDtos.get(0).getRoleCatalogue());
});
roleAccountDtos.forEach(roleAccountDto -> {
UUID roleId = roleAccountDto.getRole();
getHelper().createRoleCatalogueRole(roleService.get(roleId), mainRoleCatalogue);
getHelper().createRoleCatalogueRole(roleService.get(roleId), parentRoleCatalogue);
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
List<IdmRoleCatalogueRoleDto> roleCatalogueRoleDtos = roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).getContent();
// The role is in 3 catalogs (one from system, two redundant).
Assert.assertEquals(3, roleCatalogueRoleDtos.size());
Assert.assertEquals(mainRoleCatalogue.getId(), roleCatalogueRoleDtos.get(0).getRoleCatalogue());
});
// Start a sync again. Remove redundant catalogs is not enabled -> Same results.
helper.startSynchronization(syncConfigCustom);
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.SUCCESS);
roleAccountDtos.forEach(roleAccountDto -> {
UUID roleId = roleAccountDto.getRole();
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
List<IdmRoleCatalogueRoleDto> roleCatalogueRoleDtos = roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).getContent();
// Remove redundant catalogs is not enabled -> Same results: The role is in 3 catalogs (one from system, two redundant).
Assert.assertEquals(3, roleCatalogueRoleDtos.size());
Assert.assertEquals(mainRoleCatalogue.getId(), roleCatalogueRoleDtos.get(0).getRoleCatalogue());
});
roleConfigDto.setRemoveCatalogueRoleSwitch(true);
roleConfigDto.setRemoveCatalogueRoleParentNode(mainRoleCatalogue.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
// Start a sync again. Remove redundant catalogs is enabled -> Redundant relation from main catalog should be removed.
helper.startSynchronization(syncConfigCustom);
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.SUCCESS);
roleAccountDtos.forEach(roleAccountDto -> {
UUID roleId = roleAccountDto.getRole();
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
List<IdmRoleCatalogueRoleDto> roleCatalogueRoleDtos = roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).getContent();
// Remove redundant catalogs is enabled -> Redundant relation from main catalog should be removed: The role is in 2 catalogs (one from system, one redundant).
Assert.assertEquals(2, roleCatalogueRoleDtos.size());
Assert.assertEquals(mainRoleCatalogue.getId(), roleCatalogueRoleDtos.get(0).getRoleCatalogue());
});
roleConfigDto.setRemoveCatalogueRoleSwitch(true);
roleConfigDto.setRemoveCatalogueRoleParentNode(parentRoleCatalogue.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
// Start a sync again. Remove redundant catalogs is enabled -> Redundant relation from parent catalog should be removed.
helper.startSynchronization(syncConfigCustom);
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.SUCCESS);
roleAccountDtos.forEach(roleAccountDto -> {
UUID roleId = roleAccountDto.getRole();
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
List<IdmRoleCatalogueRoleDto> roleCatalogueRoleDtos = roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).getContent();
// Remove redundant catalogs is enabled -> Redundant relation from parent catalog should be removed: The role is in 1 catalog.
Assert.assertEquals(1, roleCatalogueRoleDtos.size());
Assert.assertEquals(mainRoleCatalogue.getId(), roleCatalogueRoleDtos.get(0).getRoleCatalogue());
});
cleanAfterTest(syncConfigCustom, roleSystemId, log, roleAccountDtos);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncRolesMembership.
@Test
public void testSyncRolesMembership() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID roleSystemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(roleSystemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(roleSystemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(roleSystemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_MEMBERSHIP_ID_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setName(helper.createName());
attributeMappingService.save(roleIdAttribute);
// Enable membership and use the user system.
roleConfigDto.setMembershipSwitch(true);
roleConfigDto.setMemberSystemMapping(userMappingDto.getId());
roleConfigDto.setMemberOfAttribute(userEmailAttribute.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
//
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(roleAccountDto.getRole());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
Assert.assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystem = roleSystemDtos.get(0);
// Check mapping attribute (should be email).
SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
List<SysRoleSystemAttributeDto> roleSystemAttributeDtos = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
Assert.assertEquals(1, roleSystemAttributeDtos.size());
Assert.assertEquals(userEmailAttribute.getId(), roleSystemAttributeDtos.get(0).getSystemAttributeMapping());
});
cleanAfterTest(syncConfigCustom, roleSystemId, log, roleAccountDtos);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncRolesAssignToUsers.
@Test
public void testSyncRolesAssignToUsers() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
SysSyncIdentityConfigDto userSyncConfig = createUserSyncConfig(userSystem);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
SysSystemAttributeMappingDto enableAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_ENABLE)).findFirst().orElse(null);
Assert.assertNotNull(enableAttribute);
enableAttribute.setDisabledAttribute(true);
attributeMappingService.save(enableAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID roleSystemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(roleSystemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(roleSystemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(roleSystemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_MEMBERSHIP_ID_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setName(helper.createName());
attributeMappingService.save(roleIdAttribute);
String usernameOne = getHelper().createName();
String usernameTwo = getHelper().createName();
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto membersRoleAttribute = new SysSystemAttributeMappingDto();
membersRoleAttribute.setEntityAttribute(true);
membersRoleAttribute.setUid(false);
membersRoleAttribute.setSystemMapping(roleMappingDto.getId());
membersRoleAttribute.setExtendedAttribute(false);
membersRoleAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_MEMBERS_FIELD);
membersRoleAttribute.setSchemaAttribute(schemaAttributeDto.getId());
membersRoleAttribute.setName(helper.createName());
membersRoleAttribute.setTransformFromResourceScript("return ['" + usernameOne + "', '" + usernameTwo + "'];");
membersRoleAttribute = attributeMappingService.save(membersRoleAttribute);
SysSchemaAttributeFilter schemaUserAttributeFilter = new SysSchemaAttributeFilter();
schemaUserAttributeFilter.setSystemId(userSystem.getId());
SysSchemaAttributeDto nameUserSchemaAttribute = schemaAttributeService.find(schemaUserAttributeFilter, null).getContent().stream().filter(attribute -> "name".equalsIgnoreCase(attribute.getName())).findFirst().orElse(null);
Assert.assertNotNull(nameUserSchemaAttribute);
// Enable membership, assign role to users, and use the user system.
roleConfigDto.setMembershipSwitch(true);
roleConfigDto.setMemberSystemMapping(userMappingDto.getId());
roleConfigDto.setMemberOfAttribute(enableAttribute.getId());
roleConfigDto.setAssignRoleSwitch(true);
roleConfigDto.setRoleMembersMappingAttribute(membersRoleAttribute.getId());
roleConfigDto.setMemberIdentifierAttribute(nameUserSchemaAttribute.getId());
roleConfigDto = (SysSyncRoleConfigDto) syncConfigService.save(roleConfigDto);
Assert.assertNotNull(roleConfigDto.getMemberOfAttribute());
Assert.assertNotNull(roleConfigDto.getRoleIdentifiersMappingAttribute());
Assert.assertNotNull(roleConfigDto.getRoleMembersMappingAttribute());
Assert.assertNotNull(roleConfigDto.getMemberIdentifierAttribute());
// Init users on system.
helper.deleteAllResourceData();
TestResource resource = new TestResource();
resource.setName(usernameOne);
resource.setFirstname(usernameOne);
resource.setLastname(usernameOne);
helper.saveResource(resource);
resource.setName(usernameTwo);
resource.setFirstname(usernameTwo);
resource.setLastname(usernameTwo);
helper.saveResource(resource);
// Start sync of users
helper.startSynchronization(userSyncConfig);
helper.checkSyncLog(userSyncConfig, SynchronizationActionType.CREATE_ENTITY, 2, OperationResultType.SUCCESS);
IdmIdentityDto identityOne = identityService.getByUsername(usernameOne);
Assert.assertNotNull(identityOne);
IdmIdentityDto identityTwo = identityService.getByUsername(usernameTwo);
Assert.assertNotNull(identityTwo);
// Start sync of roles
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
// Every role should be assigned to userOne and userTwo.
roleAccountDtos.forEach(roleAccountDto -> {
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setRoleId(roleAccountDto.getRole());
identityRoleFilter.setIdentityId(identityOne.getId());
Assert.assertEquals(1, identityRoleService.find(identityRoleFilter, null).getContent().size());
identityRoleFilter.setIdentityId(identityTwo.getId());
Assert.assertEquals(1, identityRoleService.find(identityRoleFilter, null).getContent().size());
});
cleanAfterTest(syncConfigCustom, roleSystemId, log, roleAccountDtos);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncRolesCatalogueUnderMain.
@Test
public void testSyncRolesCatalogueUnderMain() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID roleSystemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(roleSystemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(roleSystemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(roleSystemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Use ACC script "resolveRoleCatalogueUnderMainCatalogue".
IdmScriptFilter scriptFilter = new IdmScriptFilter();
scriptFilter.setCode(MsAdSyncMappingRoleAutoAttributesProcessor.RESOLVE_ROLE_CATALOG_UNDER_MAIN_SCRIPT);
scriptFilter.setCategory(IdmScriptCategory.TRANSFORM_FROM);
String catalogTransformationScript = null;
IdmScriptDto scriptDto = scriptService.find(scriptFilter, null).getContent().stream().findFirst().orElse(null);
if (scriptDto != null) {
catalogTransformationScript = this.getPluginExecutors().getPluginFor(IdmScriptCategory.TRANSFORM_FROM).generateTemplate(scriptDto);
}
Assert.assertNotNull(catalogTransformationScript);
// Create mapping attribute for get catalog.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_CATALOGUE_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setTransformFromResourceScript(catalogTransformationScript);
roleIdAttribute.setName(helper.createName());
roleIdAttribute = attributeMappingService.save(roleIdAttribute);
IdmRoleCatalogueDto mainRoleCatalogue = getHelper().createRoleCatalogue();
// Enable assign of role catalogue.
roleConfigDto.setAssignCatalogueSwitch(true);
roleConfigDto.setRemoveCatalogueRoleSwitch(false);
roleConfigDto.setMainCatalogueRoleNode(mainRoleCatalogue.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
//
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
UUID roleId = roleAccountDto.getRole();
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
List<IdmRoleCatalogueRoleDto> roleCatalogueRoleDtos = roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).getContent();
Assert.assertEquals(1, roleCatalogueRoleDtos.size());
Assert.assertEquals(mainRoleCatalogue.getId(), roleCatalogueRoleDtos.get(0).getRoleCatalogue());
});
cleanAfterTest(syncConfigCustom, roleSystemId, log, roleAccountDtos);
}
Aggregations